Introduction
This Privacy Policy outlines our commitment to data protection and compliance with data protection laws within India.
It aims to provide transparency and assurance to our members regarding the collection, storage, and use of their personal information. By becoming a member and using our services, you consent to the practices described in this policy.
Our Role
We are an Association that provides Membership services to restaurants, hotels, and other establishments in India who choose to be our members. We collect personal and business data as part of the membership process, which helps us deliver our services effectively.
Consent of the prospect member is sought during application by the prospect member.
If a member does not provide their consent, FHRAI will be unable to offer certain benefits or services associated with their membership, such as:
Membership Discount Card (Only for Hotel & Restaurant Members) And Certificate
Eazydiner Prime Membership
FHRAI Today Bi- Monthly Magazine & Monthly Newsletter
Why We Collect PII
We collect personally identifiable information (PII) from members and vendors as per applicability to ensure the efficient delivery of our services and to comply with the requirements of operating an association. The specific reasons for collecting each category of PII are as follows:
Name: Your name is collected to establish your membership, personalize communications, and facilitate interactions with our services.
Address:Your address is required for various purposes, including verifying your membership eligibility, enabling specific features within our application, and delivering relevant communications.
Aadhar Card Number: We collect your Aadhar card number as part of compliance with legal and regulatory requirements.
PAN Card: Your PAN card information may be collected for taxation purposes and to comply with legal obligations.
GST certificate -GSTIN is a critical component of the GST framework, facilitating compliance, transparency, and efficiency in the taxation process for industry members.
CIN number (if applicable)-We collect your CIN number as CIN is a unique number that can be used for identifying or tracking companies for several levels of information that ROC / MCA holds.
TAN number-We collect your TAN number as it is mandatory under Income-Tax Law to apply for and obtain TAN if an organization is liable to deduct tax at source on certain payments.
Please note that the collection of PII is done in accordance with applicable laws and regulations, and we take appropriate measures to protect the confidentiality and security of the collected information. This information is not shared with third parties except as required by law.
Security of PII
We employ robust security measures to ensure the secure storage of collected PII:
Access Control: Authorized personnel with specific job responsibilities have limited access to stored PII, enforced through unique user credentials and role-based permissions.
Physical Security: Physical safeguards like access controls and surveillance systems protect against unauthorized physical access.
Disciplinary Policy: Strict policies and non-disclosure agreements prevent misuse of Personal Data by staff and vendors.
Vendor Policy: Strong agreements are in place with vendors processing personal data, including regular risk assessments.
Security Audits: Periodic security audits and assessments identify and address vulnerabilities to maintain robust security.
Please note that while we implement these measures, no method of data transmission or storage can be entirely guaranteed as 100% secure. However, we strive to adhere to industry best practices for data protection.
Obligations to Members
We offer a Member Helpdesk for Modification, Deletion, and Consent Withdrawal of Personal Data. Our Data Protection Officer (DPO), Ms. Payal Swami
(asg@fhrai.com) , oversees privacy practices, compliance, and acts as the main point of contact for queries related to PII processing.
Security Incidents
We take PII security seriously and have outlined guidelines for addressing security incidents:
Critical Security Incidents: A dedicated response team addresses critical incidents promptly, mitigating their impact, investigating causes, and implementing corrective actions.
Incidents Involving PII: Unauthorized access, disclosure, alteration, or destruction prompts immediate assessment and necessary actions. Affected individuals are informed with protective measures.
Security Protocols with Vendors
Our data sharing with trusted vendors is governed by robust security protocols:
Confidentiality Measures: Legally binding agreements enforce vendor confidentiality and restrict data use.
Data Encryption: Industry-standard encryption protocols protect data during transmission and storage.
Security Audits: Regular assessments of vendors' security practices ensure compliance.
Incident Response and Notification: An incident response plan addresses breaches or incidents involving vendors, ensuring timely notifications.
Any Vendor/ Consultant/ Service Provider under an active Agreement/ Contract is restricted to compromise any data/ information in any format within their custody. Upon the expiration or termination of any Agreement/ Contract vendor shall promptly return all data/ information, in any format, held within their custody & any residual copies must be explicitly destroyed, with confirmation provided to FHRAI. Detection of any unauthorized use or abuse is imperative & the liability solely stands with the Vendor/ Consultant/ Service Provider & not FHRAI.
No Misuse of PII
We want to assure our members that the PII collected by us is never misused for any purpose other than those explicitly mentioned in this policy. We are committed to upholding the trust you place in us and ensuring that your data is treated with the utmost respect and integrity.
Conclusion
This Privacy Policy underscores our commitment to protecting your personal information and complying with data protection laws. Regular updates and compliance with best practices reflect our dedication to data security and privacy.
For any queries, concerns, or requests related to your personal data, please contact our Data Protection Officer, Ms. Payal Swami, at (asg@fhrai.com).